feat: revoke all candidate sessions on password reset

core/src/services/candidate_service.rs

@@ -118,7 +118,9 @@ impl CandidateService {
         let encrypted_priv_key = crypto::encrypt_password(priv_key_plain_text, 
             new_password_plain.to_string()
         ).await?;
-        
+
+
+        SessionService::revoke_all_sessions(db, Some(id), None).await?;
         Mutation::update_candidate_password_with_keys(db, candidate.clone(), new_password_hash, pubkey, encrypted_priv_key).await?;
         
         let enc_details_opt = EncryptedApplicationDetails::try_from((candidate, parent));

core/src/services/session_service.rs

@@ -1,7 +1,7 @@
 use std::cmp::min;
 
 use entity::{admin, candidate};
-use sea_orm::{prelude::Uuid, DatabaseConnection, ModelTrait};
+use sea_orm::{prelude::Uuid, DatabaseConnection, ModelTrait, DbConn};
 
 use crate::{
     crypto::{self},
@@ -114,9 +114,12 @@ impl SessionService {
         Ok(session.id.to_string())
     }
 
+    pub async fn revoke_all_sessions(db: &DbConn, user_id: Option<i32>, admin_id: Option<i32>) -> Result<(), ServiceError> {
+        Self::delete_old_sessions(db, user_id, admin_id, 0).await
+    }
+
     /// Authenticate user by session id
     /// Return user model if session is valid
-
     pub async fn auth_user_session(
         db: &DatabaseConnection,
         uuid: Uuid,
@@ -162,11 +165,8 @@ impl SessionService {
 
 #[cfg(test)]
 mod tests {
-    use entity::{admin, candidate, session, parent};
-
     use sea_orm::{
-        prelude::Uuid, sea_query::TableCreateStatement, ConnectionTrait, Database, DbBackend,
+        prelude::Uuid,
-        DbConn, Schema,
     };
 
     use crate::{